Last edition: 01 May 2025
SCARB (“Website”, “Add-on”, “my”, “our”, “us”) brings you! Since you have now moved to our Privacy and Cookies Policy, please take a short break and carefully read this text.
This Privacy and Cookies Policy (“Policy”) refers to how the SCARB digital product applies – the website provided by https://scarb.co/ and the SCARB mobile app (hereinafter referred to as the “Website/Appendix”), which are administered by LLC “Effiz”.
Our Privacy and Cookies Policy explains how we collect, store, and protect data that is stolen from you as a result of your visit to the Website/Appendix. Vikorist Website/Addendum, You acknowledge that you have read and understood the Privacy Policy and Cookies Policy, and agree to all other provisions.
Since you are not good enough (or you can’t get good enough) with the Minds of Corruption and this Policy, you do not have the right to borrow the Website/Addendum. Be kind, tell us about your misfortune in any way indicated in section 16. CONTACTS this Policy. This Policy applies to all users of the Website/Add-on (both employees who use the mobile add-on and the most important representatives of robot sellers who use the SCARB HR panel).
What a reasonable and reliable setting!
PERSONAL DATA – information and the totality of information about an individual who is identified or can be specifically identified.
COOKIES are small files that are saved on your device (computer or mobile device) when visiting websites or other add-ons.
DATA HOLDER (CONTROLLER) – a physical or legal person who holds personal data (including a third person). For the purposes of this Policy, we act as the Controller of your personal data.
DATA PROCESSOR (PROCESSOR) is a natural or legal person who is the owner of personal data and the law gives the right to process this data in the name of the owner. We can hire third parties as agents to process data on our behalf.
DATA SUBJECT is a physical person, personal data of which is collected. KORISTUVACH is a physical person who is a vikorist Website/Addendum. Koristuvach is the subject of the data.
HR-PANEL is a web interface of the SCARB administrative panel, used for updating important representatives of the employer (HR managers) by reviewing the latest data and analytics for the psychological development of practitioners.
GDPR – General Data Protection Regulation (Regulation (EU) 2016/679), which means it is possible to process personal data of EU/EEP residents.
CCPA – California Consumer Privacy Act, which establishes rules for the processing of personal data of residents of the state of California, USA.
DPA – Data Processing Agreement – an agreement between the controller and processor that regulates the processing of personal data.
SCC – Standard Contractual Clauses – standard clauses approved by the European Commission to ensure adequate protection of personal data during international transfers.
TIA – Transfer Impact Assessment – assesses the risks for personal data when it is transferred to such an extent that it does not provide adequate protection.
Personal details. While accessing the Website/Addendum, you can provide us with information by which you can be identified or contacted. Before such Personal tributes lie, zokrema, otherwise not inclusive:
Dani koristuvannya. We can also automatically collect song data from your browser or when you use the Website/Appendix ( Cost Data ). Such data does not allow us to directly identify you, but may be considered personal by relating it to other information. Gifts may include:
Cookies data. We use Cookies and similar technologies to enhance the functionality of our Website/Appendix and your satisfaction. Cookies are small text files that are processed by our service and saved on your device. Cookies may collect and store information about your use of the Website/Appendix, for example, your preferences or login status.
You can configure your browser so that you are aware of all Cookies or notify you when Cookies are being abused. Please note that if Cookies are enabled, parts of our Website/Appendix may not function correctly or become inaccessible.
Use Cookies as we are victorious:
Note about third-party cookies: These cookies may be set by third-party services that work with them (for example, Google). We are not responsible for the Cookies policies of third party sites and recommend that you read their privacy policies (Section 13. CONTENTS ON THIRD PARTY WEBSITES OSIB ).
SCARB collects data for a variety of purposes, for:
We collect your personal data on legal platforms , subject to proper data protection legislation. Depending on the specific situation, various transactions with the data may be carried out on the basis of your year, the need for a contract (the assignment of services to you in accordance with the law), the contract our legal requirements, as well as on the basis of our legitimate interests (for example, maintaining the safety and integrity of the service). If you would like to obtain more information about the legal framework for processing specific categories of data, please refer to the contacts provided in section 16. CONTACTS .
We save your personal data only for as long as is necessary to achieve the purposes of this Policy, unless otherwise required by law. This means that your information will be protected as long as you use our Website/Appendix and have an active account, as well as for a reasonable period after deactivating the account (for example, to establish legal goiter or the height of possible disputes).
Saving lines can be stored in the data type:
After the need to process your data from the pad, or after deleting the stored data, we can delete or anonymize personal data. Anonymization means that all identifying elements will be permanently deleted and the data will no longer be associated with you.
Please note that deleting your data from our backups and archives may take an additional hour. We can also save minimally necessary information after deleting the cloud record, which is necessary to resolve our legal issues, resolve disputes, or ensure the protection of our interests. (for example, saving information about the year or history of the animal before support service).
The main server requirements for storing and processing collected data are located on the territory of Ukraine. At the same time, inspecting the global architecture of our infrastructure (and the dark services of the Digital Ocean company from points of presence in different regions - the USA, Europe, Asia, Australia, Canada), your data may be transferred, stored or transferred outside the country or jurisdiction of your residence. This means that in some cases, your personal data may be accessed on servers located in other countries, where the data security laws may differ from the laws of your jurisdiction.
We are aware of the risks associated with international data transfer and take necessary steps to ensure the proper security of your information, regardless of where it is processed. . Zokrema:
Your use of the Website/Appendix and the provision of information to us shall be deemed to be subject to such international transfer, saving and processing of data (in such cases as required by law). We guarantee that regardless of the place of processing, your personal data will be subject to the security procedures described in this Policy. If you require additional information about the mechanisms for the international transfer of your data, please contact the contacts provided in section 16. CONTACTS .
We do not sell or transfer your personal data to third parties, other than as expressly provided in this Policy or by law . In certain situations, we may need to reveal (transfer) your tributes to the enclosed stake of possessors. These types of attacks are:
In all cases of data disclosure, we adhere to the principle of minimal sufficiency: we provide third parties with only the information that is really necessary for a particular purpose. We do not share your personal data with any unreliable or irreplaceable influencers.
We respect the security of your personal data. To protect information from unauthorized access, change or destruction, we have implemented a set of technical and organizational security measures, ranging from the most rigorous Galouze practices. Zokrema:
While we want to do everything we can to protect your data, it is important to understand that the usual method of transmitting data over the Internet and the method of electronic storage is not 100% secure . This means that, regardless of our commitment, we cannot guarantee the absolute security of the information. If, no matter what happens in your life, there is a turn or an incident with your data, we will inform you (subject to the law) and do everything possible to minimize negative consequences.
We also urge you to follow steps to protect your data: keep track of your data in the cloud data vault, use complex passwords, and do not transmit information, the disclosure of which could cause you significant harm, through unprotected channels. If you suspect that your account record has been compromised, or if you have noticed any security issue or problem on our Website/Appendix, please notify us (Section 16. CONTACTS ).
We are committed to providing you with greater control over your personal data. As you are a resident of Ukraine, we guarantee the implementation of the rights of the data subject transferred by the Law of Ukraine “On the Protection of Personal Data”. If you are located in the territory of the European Union or the European Economic Area (EU/EEA), you also have rights under the Global Data Protection Regulation (GDPR). Below is a description of your basic rights regarding personal data that you can access quickly:
In order to quickly obtain any of the listed rights, you can contact us at any time - just send your contact information to our email address or postal address specified in section 16. CONTACTS . For certain requests (for example, requests for access or remote access), we can also provide you with a manual tool through your account record or a special form.
Verification of an individual: in order to exercise your rights, we may have to verify your identity in order to confirm that you are the subject of the personal data. This prevents unauthorized access to your information along with other people. For example, we may ask you to register with the same email address associated with your SCARB account, or to provide additional information for confirmation.
We are reporting to everyone in order to respond to your request within 30 days from the date of your cancellation. This line can be extended for another 30 days in case of difficulty or a large number of one-hour requests - in this case we will inform you about the extension and reasons for the delay.
Vidmova from the Vikonanny will ask: in some cases we can legally ask the Vikon to ask for your question (in general or in part). This will become unnecessary if the corresponding question is groundless or supernatural (for example, it is repeated for no real reason) or because we may have the right to edit the question according to the law. Once we see it, we will clearly explain to you the reason for this and let us know about the possibility of disgrace.
You also have the right to submit your claim to the competent authority for data protection . If you are in Ukraine, such a body is the Supreme Council of Ukraine for Human Rights (Ombudsman) or another body established by law. If you are in the EU/EEZ, you can complain about your money to the national body for the protection of the data of your country or the country where the place is destroyed. Contact details of national authorities are available on the official website of the European Commission or by contacting: https://edpb.europa.eu/about-edpb/about-edpb/members_en. If you are in California, you may be entitled to rights under the CCPA (Section 10. RIGHTS OF CALIFORNIA RESIDENTS below).
We will be careful that before regulators you give us a chance to resolve the problem head-on. In the future, you can immediately write to us about your anxiety, and we will try to promptly supply food to your satisfaction.
If you reside in the State of California (USA), you are subject to the provisions of the California Consumer Privacy Act (CCPA) and related regulations. We are required to comply with the CCPA when collecting personal information from California residents. Zokrema, You have the right to use your data:
To quickly obtain your rights under the CCPA, or your trusted representative, you can send us a verification request (section 16. CONTACTS for communication methods). To verify your identity when the entry is removed, we can ask you to provide additional information (using the method of reconverting, so that you yourself are the owner of the data). Ask your authorized representative to provide additional confirmation (for example, a notarized power of attorney or other document that confirms the right to act in your name).
Because you have rights under the CCPA or because we handle personal information for California residents, please contact us for contact information in Section 16. CONTACT US . We have prepared this Policy in accordance with the CCPA, and the parts related to the categories of collected data, the purposes of data transfer, transferred to third parties, and also satisfy the requirements of the CCPA.
To ensure the operation of our service, we may engage third party companies and others who process your personal data on our behalf ( third party processors or processing subcontractors ). It is important to make it easier for us to provide our Services and perform the singing functions (as described in section 7. DESCRIPTION OF THE DATA ).
Such third parties deny access to your personal data, including for the purpose of fulfilling specific tasks that we set before them, and are required not to speak out or misrepresent this data for any other purposes. In other words, our postal service providers cannot independently determine how to process your data - they only act within the framework of our instructions and agreements with us.
We carefully select partners whom we trust to process data, and establish data protection agreements (DPA) with them . In these areas, a number of requirements for confidentiality and security have been established. Zokrema, our processors are required to take the necessary technical and organizational steps to protect personal data, promptly notify us about security incidents, and help us respond to requests. subjects of these data too.
Applications of categories of third-party processors that we can obtain: dark platforms (for hosting), email and SMS services, analytics services, performance monitoring services, payment providers, Cybersecurity consulting firms, too. All of them fall under these agreements and control from our side.
We do not grant the right to a hardware processor to receive sub-processors without our approval . If any of our postal leaders would like to obtain additional support for assistance in processing your data, we are obliged to first reject our benefit and impose the same strict obligations on the sub-processor in order to protect the data.
List of the main third-party services that we use on Vikorist:
(This may result in changes to the development of our product; we are updating our Policy as we continue to introduce new categories of processors).
We repeat: Your data is forfeited under our jurisdiction if it is collected by third parties. We monitor and are responsible for ensuring that the processors we obtain adhere to privacy standards that are least consistent with the standards of this Policy.
We may use third-party services for monitoring, collecting and analyzing statistical data about the website/Add-on. Such analytics help us better understand the behavior of customers, evaluate the popularity of song functions and improve the product.
Google Analytics. One of the main analytical tools we use is Google Analytics, a web analytics service provided by Google. Google Analytics collects information about the behavior and activity of customers on our Website/Appendix through the use of Cookies and similar technologies.
Collected data (for example, data about your device, page details, session duration, geographical distribution in different places, as available) is transmitted to Google servers in a separate manner. Google collects this data to evaluate the content of our Website/Addendum and generate feedback for us. The reviews that we see from Google do not contain information that allows you to be directly identified - they are of an aggregative nature (for example, the number of registered clients during the current period, the middle hour of re-visiting the page).
Google may use collected data from Google Analytics to enhance its products and services and to personalize advertising across its advertising network. For example, information about your activities can be linked to what you get when you search on Google or YouTube. Important: We do not share any sensitive personal data (such as your entries or any information that identifies you by name) with Google Analytics. Google Analytics removes non-technical and non-specific information about the search engine.
A report on Google's privacy practices You can refer to Google's Privacy Policy: https://policies.google.com/privacy?hl=uk. It is also a good idea to familiarize yourself with the information about how Google collects copyright data if you use sites and supplements of their partners: https://policies.google.com/technologies/partner-sites.
How to view Google Analytics: If you do not want Google Analytics to track your activity on our Website/Appendix, you have several options. First, you can turn on saving cookies in your browser (section 3. Cookie data ), but you can also add other functions. In another way, Google is introducing a special Widmov module - Google Analytics Opt-out Browser Add-on , which you can install in your browser (available at: https://tools.google.com/dlpage/gaoptout). This tool does not allow Google Analytics JavaScript (ga.js, analytics.js, and dc.js) to share information with Google Analytics about advertising activity. On mobile devices, you can also select the option “Limit Ad Tracking” (for iOS) or “Opt out of Ads Personalization” (for Android) in your phone’s privacy settings - this will change the collection of data for advertising and analytical purposes.
Other analytical tools. At the time this Policy is updated, we do not use any other third party analytics services other than Google Analytics. Since we are likely to add a new analytics and tracking tool in the near future, we are obligated to update this Policy and (for the needs) of your year, as such a tool collects personal data between the descriptions here goals.
SCARB is a unique platform that serves two categories of clients: (1) health professionals who use a mobile device for self-monitoring and improvement of their mental health; and (2) robots/HR-managers , as a vikoryst analytical panel for identifying the manifestations of the team’s burning camp and managing the well-being program. This section describes how the principles of confidentiality are established in a corporate context and what obligations the parties face.
Roles of parties in data processing. When SCARB is installed in the corporate environment, a Data Processor acts as a data processor for the personal data of employees, which is collected through an addendum, in which case the robot seller (client company) acts controller (Data Controller) of such data. This means that the hiring company aims to collect data (improving the self-esteem of workers, analytics for HR, etc.), and our work is inclusively consistent with these inserts, hopefully technical service for data processing. However, for certain aspects (for example, product improvement, behind-the-scenes analytics) we can act as an independent controller - in this case we continue to adhere to all guarantees described in this Policy.
Please about data processing (DPA). For every corporate client (worker), we are responsible for the processing of data , which regulates our obligations as processors and ensures the compliance with Article 28 of the GDPR (as a matter of fact). This is to ensure compliance with the provisions on confidentiality, security issues, the procedure for providing assistance to the controller when requesting data from subjects and reporting incidents, etc. In other words, the DPA guarantees that the personal data of your company's spies will be processed by us strictly within the framework of our instructions and with due care. Upon request, we are ready to provide you with a copy of the standard DPA for your reference.
Data available to the robot seller. As a standard, HR managers and other employees who have access to the SCARB panel receive only aggregated, non-separate information about the team. For example: the average rate of enrollment in the program (about hundreds of healthcare workers who are actively seeking additional benefits), the average well-being index for the company and children, the main factors of stress based on training, etc. We define an “anonymity threshold” – a minimum number of participants for generating group data (usually at least 5-10 people in a group), in order to disable the ability to guess about a specific person. In this way, the confidentiality of the individual results of the skin test is ensured.
Personal alerts. In some cases, the meta service - preventive support for healthcare workers - can help transfer information about a specific worker to the robot seller. For example, if the system detects that the attitude of a singing worker is critically depressed (an acute sign of burnout, a low mood during the last hour, etc.), SCARB can formulate notifications for HR with a recommendation to carry out Contact your health professional individually or ask for help. Such notifications include special data (name or unique identifier of the employee) - without which it is impossible to provide targeted information. We would like to remind you that such functionality is activated only for the following reasons: (a) your obvious benefit (the doctor himself is aware of the possibility of such information during registration or in setting up privacy); (b) because such exchange of data directly transfers the contract between us and the employer, and complies with the labor policies of the company and the law. At any time, such data is passed on to a selected group of people (for example, an HR manager or a corporate psychologist) in order to preserve their confidentiality.
Obligations of a robot seller. The client company that provides SCARB for its employees is responsible for properly informing employees and removing unnecessary fees (if necessary) for processing. Your personal data within this platform. The employer is responsible for making employees aware of this Policy and the government's internal policies for welfare support programs (such as such). In addition, the robot seller of the requests to collect data, collected through SCARB, is also intended to promote the availability of healthcare workers and improve the efficiency of the work environment , and not for punitive people. discriminatory approaches. Any attempt to use information from SCARB to make negative disciplinary decisions without the consent of the police officer may be seen as a violation of trust and data security laws.
Confidentiality on par with HR. Individuals who have access to the SCARB HR Panel are required to adhere to the privacy principles as strictly as we do. This means that HR managers are prohibited from disclosing any information received through the platform to other security specialists and third parties, except for cases of official necessity and, therefore, internal company policies. For example, if HR rejects anonymized reports about stress in a family, you can discuss hidden issues with the cerevist, but you are not guilty of trying to identify other people or discuss concerns about specific practitioners publicly. Since HR has specifically rejected notifications about a particular employee, this information may be handled sensitively and confidentially, it is recommended that you first contact the employee directly or a corporate psychologist, rather than disseminating this information more broadly.
Limited access. We give every corporate client the ability to independently access the HR panel (see logins for personal accounts, assign roles with different rights and review data). The company is required to maintain an up-to-date list of individuals who have such access, and to ensure that access is requested whenever the current service provider is no longer up-to-date (for example, when calling or transferring to another Posad). We recommend that you secure HR accounts with two-factor authentication and do not use multiple logins for many people - this will increase security and audit access.
Responsibility for maintaining confidentiality. If the employer or his representative (HR) violates the requirements for confidentiality of the data of the employees (for example, transfer the data to third parties without permission, or the vikory data is not recognized), Responsibility for such damage falls on the worker as a controller. We, on our part, are prepared to accept the investigation of the incident and provide all necessary information to maintain confidentiality and trust.
It is clear: customer privacy is our top priority , and this applies to both individual practitioners and corporate clients. We operate SCARB in such a way as to bring value to both workers (improving their well-being) and workers (providing tools for team work), without violating ethical and legal privacy standards. If you, like a representative of a robot seller, or like a spivrobitnik, have a wine, be it a food item, or vykoristannya data from SCARB - please, contact us for clarification (contacts - in section 16. CONTACTS ).
Our Website/Appendix may be linked to third party websites or services that are not maintained by us. For example, a section of resources may have a post sent to an article on an external site, or in the add-on interface it can be sent to a partner’s platform.
Please note that we have no control over the privacy policies and practices of third party websites . If you go to a third-party site to receive instructions, our Policy no longer applies to you. By visiting a third-party resource, you are subject to the privacy policy of that resource.
We are not responsible for the content and activities of such third party websites. The presence of a message does not mean our praise or guarantee of the safety of that resource. You know and hope that SCARB (TOV “Effiz”) does not bear direct or indirect responsibility for any harm or waste caused by the abuse of any such third-party content, goods or services available on third-party websites.
We recommend that when accessing third-party resources, you should always be aware of their privacy policies and be careful to understand how they collect and abuse information about you. If you have lost your food or are in doubt about a third-party site, please contact the administrators of that site directly.
Our Website/Appendix is intended only for those who have reached the 14th century . We know that we do not collect personal data from children under 14 years of age without their parents or legal guardians.
By virtue of SCARB, you represent and warrant that you have received at least 14 years of service and that you are fully responsible for the civil service and are responsible for the recruitment of such minds and service. If you have not yet reached the age of 14, or if you do not have sufficient competence to provide such services, you are prohibited from using our Website/Appendix. In such a time, please, it’s a good idea to use the service.
We understand that a person under 14 years of age has provided us with her personal data without express permission, so we are promptly logged in to delete this information. Fathers or guardians who have discovered that their child (up to 14 years of age) has registered with our supplement can contact us (via the contacts below) and we will help you to remove additional information.
For merchants from 14 to 18 years of age: take into account that the renewal of the legislation of Ukraine comes from 18 years, we understand that non-agenarians of the age of 14-17 rocks) denied the fathers' participation in the corporate welfare program (as a matter of fact) and informed the fathers about the SCARB initiative. However, we do not rely on this letter from Fatherland, since Ukrainian legislation allows individuals over 14 years of age to independently process their personal data at any time. We interpret your acceptance of this Policy and use of the service as a confirmation of the fact that you are of the utmost importance (including for consumption - for the benefit of your father and employer) for the benefit of the employer SCARB.
We reserve the right to make changes from time to time prior to this Policy. Our data processing practices and practices may change as new features become available, legislation changes, or our security procedures are streamlined. Therefore, we may periodically update the text of the Policy to reflect the changes.
As we are notified of changes: whenever we make any changes, we publish a new version of the Policy on this page, with an updated “Revised Edition” date on the top of the document. If you make any changes, we will be notified in detail - for example, through a banner on our website or notifications in the mobile app. In cases where changes may actually affect your rights or the method of correcting your data, we can also send you an individual notification by email (to the address listed in your business record) from description of changes
We recommend that you review this Policy periodically to ensure that you are always aware of the current version. Your continued activity or use of the Website/Addendum after changes have been made means that you accept and agree to the updated Policy.
If you do not agree with any changes in the Policy, you are guilty of corruption of SCARB and you can contact us to delete your personal data.
We open your feeds, comments and queries to our Data Processing Policies and Practices. If you don’t understand, you want to quickly exercise your rights assigned to section 9 , or you have a proposal to reduce your privacy – contact us in one of the following ways:
Our representative at the Data Protection Office (DPO) will review your submission and provide a confirmation within a reasonable period of time (do not exceed 30 days). We appreciate your concern for privacy and are ready to help ensure visibility and control over your data in the face of SCARB compliance.